(no commit message)

diff --git a/posts/2023-11-04-k3s-setup-plain-rootless.mdwn b/posts/2023-11-04-k3s-setup-plain-rootless.mdwn
new file mode 100644 (file)
index 0000000..4b99b43
--- /dev/null
+++ b/posts/2023-11-04-k3s-setup-plain-rootless.mdwn
@@ -0,0 +1,72 @@
+https://docs.k3s.io/advanced#known-issues-with-rootless-mode
+https://github.com/k3s-io/k3s/issues/6488#issuecomment-1339946080
+
+```
+adduser k3s-vault
+
+# user gets ID 1003
+
+cat /etc/systemd/system/user@1003.service.d/override.conf; echo
+[Service]
+Delegate=cpu cpuset io memory pids
+
+
+sudo tee -a /etc/modules-load.d/k3s-rootless <<EOF
+fuse
+tun
+tap 
+bridge
+br_netfilter 
+veth
+ip_tables
+ip6_tables
+iptable_nat
+ip6table_nat
+iptable_filter
+ip6table_filter
+nf_tables
+x_tables
+xt_MASQUERADE
+xt_addrtype
+xt_comment
+xt_conntrack
+xt_mark
+xt_multiport
+xt_nat
+xt_tcpudp
+EOF
+
+apt install uidmap fuse-overlayfs
+
+printf "net.ipv4.ip_forward=1\n net.ipv6.conf.all.forwarding=1\n" | sudo tee -a /etc/sysctl.d/forwarding.conf
+sysctl --system
+```
+
+
+as user:
+```
+wget https://raw.githubusercontent.com/k3s-io/k3s/master/k3s-rootless.service
+$ mkdir -p .config/systemd/user
+# adapt file and add following env vars
+Environment=K3S_ROOTLESS_CIDR="10.41.0.0/16"
+Environment=K3S_ROOTLESS_PORT_DRIVER=slirp4netns
+Environment=K3S_ROOTLESS_DISABLE_HOST_LOOPBACK=true
+Environment=K3S_ROOTLESS_MTU=1500
+
+mkdir bin
+   10  wget https://github.com/k3s-io/k3s/releases/download/v1.28.2%2Bk3s1/k3s
+   12  mv k3s bin/
+   17  chmod +x bin/k3s
+   18  ln -rs bin/k3s bin/kubectl
+
+add to .bashrc:
+export PATH=~/bin:$PATH
+export KUBECONFIG=~/.kube/k3s.yaml
+
+   21  systemctl --user enable --now k3s-rootless.service
+   22  systemctl --user status k3s-rootless
+
+# kubectl version should now work.
+
+```
+